US2017365193A1PendingUtilityA1
Mutable secure communication
Est. expiryJun 18, 2036(~9.9 yrs left)· nominal 20-yr term from priority
Inventors:Lior Malka
H04L 9/06H04L 9/065G09C 5/00H04L 2209/72H04L 9/0618H04L 9/3215
20
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
Secure communication provides data confidentiality, data integrity, and authentication. In one embodiment, encryption and signatures are used to construct a signcryption, which provides confidentiality and integrity. In one embodiment, an identifier and the output of a cryptographic function applied to a token are used to establish a secure channel. In one embodiment, a secure channel is mutated into a new secure channel using a renew message and a construct containing elements for establishing a secure channel.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method of signcryption, the method comprising:
receiving a plaintext as input; and buffering the plaintext to produce a block; and producing a metadata for the block; and producing a first digest for the metadata using a first signature; and producing a second digest for the block using a second signature; and producing a ciphertext by applying an encryption to the metadata and the first digest and the block and the second digest; and outputting the ciphertext.
2 . The Method of claim 1 , wherein the metadata contains the length of the block.
3 . The Method of claim 1 , wherein the metadata contains a counter of the number of blocks produced.
4 . The Method of claim 1 , wherein the metadata has a fixed length.
5 . The Method of claim 1 , wherein at least one of first digest and second digest is not encrypted.
6 . The Method of claim 1 , wherein at least one of first signature and second signature is keyless.
7 . The Method of claim 1 , wherein the encryption has key replacement.
8 . The Method of claim 1 , wherein the encryption is implemented as a stream.
9 . A method of establishing a secure channel, the method comprising:
receiving input containing an identifier, a token, and a sequence representing a cryptographic function; and writing the token into the channel; and applying the cryptographic function to the token; and writing the output of the cryptographic function into the channel; and outputting a secure channel using the cryptographic function.
10 . The method of claim 9 , wherein the cryptographic function is a signcryption.
11 . The method of claim 9 , wherein at least one of the identifier and the token contain at least 64 bytes.
12 . The method of claim 9 , further comprising sending a randomly selected first number on the secure channel and closing the channel if a second number equal to the first number is not sent in response.
13 . A method of mutating a secure channel, the method comprising:
sending over a first secure channel a renew message from first party with a first storage to a second party with a second storage; and generating using random values a construct containing elements used to establish the first secure channel; and storing the construct on the second storage; and sending the construct over the first secure channel from the second party to the first party; and storing the construct on the first storage; and replacing the first secure channel with a second secure channel using elements from the second construct.
14 . The method of claim 13 , wherein the construct contains an identifier, a token, and a sequence representing a signcryption.
15 . The method of claim 12 , wherein replacing the first secure channel with a second secure channel using elements from the second construct occurs immediately after storing the construct on the first storage.
16 . The method of claim 12 , wherein the construct is associated with a counter that is incremented each time a secure channel is established.
17 . The method of claim 12 , further comprising removing from first storage and second storage all constructs not used to establish the secure channel.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.